With different nations establishing different privacy standards, organizations face adopting the most stringent regulations in order to be compliant everywhere they operate, says Marc Groman, a director of the International Association of Privacy Professionals.

Cloud computing and mobility are areas likely to see new regulatory attention in the year ahead. But what are the other hot topics that leading attorneys believe will be addressed in new legislation worldwide?

What are the top account takeover threats to banking institutions in 2013? Ken Baylor of NSS Labs discusses Zeus variants, mobile malware and how institutions can protect themselves from fraudsters.

The penalties paid out by HSBC and Standard Chartered Bank for violations to money-laundering regulations should serve as a wake-up call, says Kevin Sullivan. In fact, banking institutions should brace for more fines.

When it comes to mobility, how do leaders balance security needs with employees' BYOD desires? The easy answer: Just say no. But that's also the wrong answer. What security tips do these leaders offer?

Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they truly all appreciate the risk key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.

From Global Payments to LinkedIn and Zappos, 2012 was filled with notable data breaches. What were the most significant breaches, and how should they influence organizations' breach responses in 2013?

IBM's Dan Hauenstein, in analyzing Big Blue's 2012 Tech Trends Report, says security concerns often inhibit the adoption of four technologies: mobile, cloud, social business media and business analytics.

Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?

Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.